diff --git a/src/detect-engine-loader.c b/src/detect-engine-loader.c index b27bf7f999..281be7945c 100644 --- a/src/detect-engine-loader.c +++ b/src/detect-engine-loader.c @@ -180,20 +180,22 @@ static int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file, SCLogDebug("signature %"PRIu32" loaded", sig->id); good++; } else { - SCLogError(SC_ERR_INVALID_SIGNATURE, "error parsing signature \"%s\" from " - "file %s at line %"PRId32"", line, sig_file, lineno - multiline); + if (!de_ctx->sigerror_silent) { + SCLogError(SC_ERR_INVALID_SIGNATURE, "error parsing signature \"%s\" from " + "file %s at line %"PRId32"", line, sig_file, lineno - multiline); + if (!SigStringAppend(&de_ctx->sig_stat, sig_file, line, de_ctx->sigerror, (lineno - multiline))) { + SCLogError(SC_ERR_MEM_ALLOC, "Error adding sig \"%s\" from " + "file %s at line %"PRId32"", line, sig_file, lineno - multiline); + } + if (de_ctx->sigerror) { + de_ctx->sigerror = NULL; + } + } if (rule_engine_analysis_set) { EngineAnalysisRulesFailure(line, sig_file, lineno - multiline); } bad++; - if (!SigStringAppend(&de_ctx->sig_stat, sig_file, line, de_ctx->sigerror, (lineno - multiline))) { - SCLogError(SC_ERR_MEM_ALLOC, "Error adding sig \"%s\" from " - "file %s at line %"PRId32"", line, sig_file, lineno - multiline); - } - if (de_ctx->sigerror) { - de_ctx->sigerror = NULL; - } } multiline = 0; } diff --git a/src/detect-parse.c b/src/detect-parse.c index b910d0d761..b03d3bfac3 100644 --- a/src/detect-parse.c +++ b/src/detect-parse.c @@ -258,6 +258,14 @@ void SigMatchFree(SigMatch *sm) SCFree(sm); } +static enum DetectKeywordId SigTableGetIndex(const SigTableElmt *e) +{ + const SigTableElmt *table = &sigmatch_table[0]; + ptrdiff_t offset = e - table; + BUG_ON(offset >= DETECT_TBLSIZE); + return (enum DetectKeywordId)offset; +} + /* Get the detection module by name */ static SigTableElmt *SigTableGet(char *name) { @@ -278,6 +286,12 @@ static SigTableElmt *SigTableGet(char *name) return NULL; } +bool SigMatchSilentErrorEnabled(const DetectEngineCtx *de_ctx, + const enum DetectKeywordId id) +{ + return de_ctx->sm_types_silent_error[id]; +} + bool SigMatchStrictEnabled(const enum DetectKeywordId id) { if (id < DETECT_TBLSIZE) { @@ -792,7 +806,17 @@ static int SigParseOptions(DetectEngineCtx *de_ctx, Signature *s, char *optstr, } if (setup_ret < 0) { SCLogDebug("\"%s\" failed to setup", st->name); - goto error; + + /* handle 'silent' error case */ + if (setup_ret == -2) { + enum DetectKeywordId idx = SigTableGetIndex(st); + if (de_ctx->sm_types_silent_error[idx] == false) { + de_ctx->sm_types_silent_error[idx] = true; + return -1; + } + return -2; + } + return setup_ret; } s->init_data->negated = false; @@ -1839,8 +1863,13 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, const char *sigstr, /* default gid to 1 */ sig->gid = 1; - if (SigParse(de_ctx, sig, sigstr, dir, &parser) < 0) + int ret = SigParse(de_ctx, sig, sigstr, dir, &parser); + if (ret == -2) { + de_ctx->sigerror_silent = true; + goto error; + } else if (ret < 0) { goto error; + } /* signature priority hasn't been overwritten. Using default priority */ if (sig->prio == -1) @@ -1982,6 +2011,7 @@ Signature *SigInit(DetectEngineCtx *de_ctx, const char *sigstr) SCEnter(); uint32_t oldsignum = de_ctx->signum; + de_ctx->sigerror_silent = false; Signature *sig; diff --git a/src/detect-parse.h b/src/detect-parse.h index a390abbe58..aa89e5e2e9 100644 --- a/src/detect-parse.h +++ b/src/detect-parse.h @@ -59,6 +59,8 @@ int DetectEngineContentModifierBufferSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg, int sm_type, int sm_list, AppProto alproto); +bool SigMatchSilentErrorEnabled(const DetectEngineCtx *de_ctx, + const enum DetectKeywordId id); bool SigMatchStrictEnabled(const enum DetectKeywordId id); const char *DetectListToHumanString(int list); diff --git a/src/detect.h b/src/detect.h index 35d17f43a0..0a895a8990 100644 --- a/src/detect.h +++ b/src/detect.h @@ -864,6 +864,7 @@ typedef struct DetectEngineCtx_ { /** Store rule file and line so that parsers can use them in errors. */ char *rule_file; int rule_line; + bool sigerror_silent; const char *sigerror; /** list of keywords that need thread local ctxs */ @@ -943,6 +944,7 @@ typedef struct DetectEngineCtx_ { * set for it. If true, the setup function will have to * run. */ bool sm_types_prefilter[DETECT_TBLSIZE]; + bool sm_types_silent_error[DETECT_TBLSIZE]; } DetectEngineCtx;